<?php
include ("config.php");
include ("functions.php");

$username = $_POST["username"];
$password = $_POST["password"];

if(trim($username) != "" && trim($password) != "")
{
	$username = strtolower(htmlentities(limpiar($username), ENT_QUOTES));
	$password = limpiar($password);
	$result = mysql_query('SELECT password, username, uid FROM tw_users WHERE username=\''.$username.'\'');
	if($row = mysql_fetch_array($result)){
		if($row["password"] == $password){
			$_SESSION["k_username"] = $row['username'];
                        $_SESSION["k_uid"] = $row['uid'];
                        header ("Location: index.php");
			echo 'Has sido logueado correctamente '.$_SESSION['k_username'].' <p>';
			echo '<a href="index.php">Index</a></p>';
			//Elimina el siguiente comentario si quieres que re-dirigir automáticamente a index.php
			/*Ingreso exitoso, ahora sera dirigido a la pagina principal.*/
			echo '<SCRIPT LANGUAGE="javascript">
			location.href = "index.php";
			</SCRIPT>';
		}else{
			echo 'Password incorrecto';
		}
	}else{
		echo 'Usuario no existente en la base de datos';
	}
	mysql_free_result($result);
}else{
	echo 'Debe especificar un usuario y password';
}

?>
